const express = require('express');
const router = express.Router();
const permissionController = require('../controllers/permissionController');
const authorize = require('../middleware/authz'); // 引入权限检查中间件

// 创建权限 (需要 permission:create 权限)
router.post('/', authorize('permission:create'), permissionController.createPermission);

// 获取权限列表 (需要 permission:query 权限)
router.get('/', authorize('permission:query'), permissionController.getPermissions);

// 获取权限分页数据 (需要 permission:query 权限)
router.get('/page', authorize('permission:query'), permissionController.getPermissionPage);

// 根据 ID 获取权限 (需要 permission:query 权限)
router.get('/:id', authorize('permission:query'), permissionController.getPermissionById);

// 更新权限 (需要 permission:update 权限)
router.put('/:id', authorize('permission:update'), permissionController.updatePermission);

// 删除权限 (需要 permission:delete 权限)
router.delete('/:id', authorize('permission:delete'), permissionController.deletePermission);

module.exports = router;